
T1 or slackware server? where to first?

I have been given the opportunity to do my first pen test on an active web server or T1 port.

The targets of the test are a Cisco DSU/CSU T1 router or a Slackware 12.2 web server running iptables as a firewall, allowing only port 80 for the web documents and port 22 for SSH to communicate...

After doing the initial footprint I think the router will only allow internal access to configure it. From there I mapped the open ports on the Slackware server to find 80 and 22 open. At this point I'm at a loss as to where to go next. It seems as if iptables is preventing communication with the server. Can I spoof it with something as simple as MAC changer?
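As an added example (not code from the thread), here is the policy the post describes, a default-deny INPUT chain that admits only TCP/22 and TCP/80, written in iptables-restore format with two small checks; the output path is an assumption. The point a reader should take from it is that iptables matches on protocol, port and connection state here, and never consults the client's MAC address unless a rule uses the mac match module, so changing the MAC on the scanning host does not change what this policy admits.

```shell
#!/bin/sh
# Added example, not from the original thread. Writes the ruleset the poster
# describes (only SSH and HTTP reachable from outside) in iptables-restore
# format. Apply on the server with: iptables-restore < "$file" (assumed path).

write_web_ssh_policy() {
    # $1: file to write the policy to (hypothetical path chosen by the caller)
    cat > "$1" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback traffic and replies to connections the server itself opened
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# the only two services exposed: SSH (22) and HTTP (80)
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
# nothing below matches on a MAC address, so a spoofed client MAC is irrelevant;
# anything not listed above is dropped by the INPUT chain policy
COMMIT
EOF
}

# Returns 0 when the written policy explicitly admits new TCP connections
# to port $2, non-zero otherwise ($1 is the policy file).
policy_allows_port() {
    grep -q -- "-A INPUT -p tcp --dport $2 -m state --state NEW -j ACCEPT" "$1"
}

# Returns 0 when the INPUT chain falls back to DROP for unmatched packets.
default_policy_is_drop() {
    grep -q '^:INPUT DROP' "$1"
}

# Returns 0 when no rule in the policy filters on a MAC address.
policy_ignores_mac() {
    ! grep -q -- '-m mac' "$1"
}
```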


I assume your client knows that you are basically doing this test for practice and is aware of the potential risk from getting a security assessment from inexperienced personnel? It's unlikely that the client themselves will be getting full value out of the test if you have never performed one before and don't know how they should be done. It could even be detrimental to them if you end up breaking something because you haven't tested your methods appropriately.

As for what to do next, it depends on the scope of the test (allowed target hosts and methods) and the objective of the test. Check out the OSSTMM and OWASP testing guide to get more ideas. It's a good idea to read these not just for technical ideas of what to do next, but also to give you an idea of the proper way a test is conducted, including scoping, permission memos and rules of engagement.

Before you do anything else make sure you have legal permission and that you know the potential impact of the tools and techniques you use (e.g. test them beforehand in an isolated lab).

Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

No problem I can fix it...

It is our own server - essentially a non production web server we built. There is no essential data on it and since I built it I can fix it if I break it. I have spoken with the senior admin when I'm working and we decided that this server would be a perfect one to experiment on.